Advanced authentication technology for computing devices

ABSTRACT

Receiving an input authentication pattern, the input authentication pattern including non-alphanumeric input data. Determining if the input authentication pattern matches a previously stored authentication pattern. Providing access to a computing resource if the input authentication pattern matches the previously stored authentication pattern.

BACKGROUND

This invention relates generally to processing within a computingenvironment, and more particularly to advanced authentication technologyfor computing devices.

Traditional text password based security systems often fail becauseusers need to memorize multiple complicated passwords. Even the mostcomplex passwords are vulnerable to keyloggers, which can interceptlegitimate passwords and render them useless. Even less sophisticatedtechniques can be used to determine a password. Phishing, for example,which involves deceiving someone by providing them with a link thatpurports to be a legitimate site, but is instead a cleverly conceivedfraudulent copy of the original site which is designed to capture theirpassword, can compromise even a secure password. In some instances, evensomeone looking over one's shoulder in a crowded space to obtain apassword may compromise a secure password.

Attempts by application developers and device manufacturers to addsecurity to their systems often require obscure combinations of upperand lower case letters, numbers, and symbols. Although these techniquesmay be effective against brute force techniques of password discovery,they are still vulnerable to the methods described above. Furthermore,the addition of these requirements makes passwords more difficult toremember, which often leads to a user writing the password down, leavingthem more vulnerable then they would otherwise have been.

BRIEF SUMMARY

An embodiment includes a method includes receiving an inputauthentication pattern, the input authentication pattern includingnon-alphanumeric input data. The method further includes determining ifthe input authentication pattern matches a previously storedauthentication pattern. If the input authentication pattern matches thepreviously stored authentication pattern then access to a computingresource is provided.

An additional embodiment includes a system. The system includes anadvanced authentication module in communication with a computerprocessor. The advanced authentication module is configured to receivean input authentication pattern, the input authentication patterncomprising non-alphanumeric input data. The advanced authenticationmodule is determines if the input authentication pattern matches apreviously stored authentication pattern. If the input authenticationpattern matches the previously stored authentication pattern then accessis provided to a computing resource.

A further embodiment includes a computer program product. The computerprogram product includes a tangible storage medium readable by aprocessing circuit and storing instructions for execution by theprocessing circuit for performing a method. The method includesreceiving an input authentication pattern, the input authenticationpattern comprising non-alphanumeric input data. The method furtherincludes determining if the input authentication pattern matches apreviously stored authentication pattern. If the input authenticationpattern matches the previously stored authentication pattern then accessto a computing resource is provided.

Additional features and advantages are realized through the techniquesof the present invention. Other embodiments and aspects of the inventionare described in detail herein and are considered a part of the claimedinvention. For a better understanding of the invention with advantagesand features, refer to the description and to the drawings.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS

Referring now to the drawings wherein like elements are numbered alikein the several FIGURES:

FIG. 1 depicts a schematic diagram of a system for implementing advancedauthentication technology on computing devices that may be implementedin an embodiment;

FIG. 2 depicts a schematic diagram of an input mechanism in anembodiment;

FIG. 3 depicts a schematic diagram of a multi entry input mechanism inan embodiment;

FIG. 4 depicts a schematic diagram of a video based input system in anembodiment;

FIG. 5 depicts a process flow for setting an authentication pattern thatmay be implemented in an embodiment; and

FIG. 6 depicts a process flow for receiving an authentication patternthat may be implemented in an embodiment.

DETAILED DESCRIPTION

An embodiment of the present invention provides for advancedauthentication technology for computing devices. In a touch screenenvironment, the position, and frequency of touches to a screen is usedto authenticate a user. In an embodiment, a camera is used to detect ausers motion, and uses the position and frequency of hand gestures toauthenticate a user. In additional embodiments, an infrared emitter andreceiver, a pressure sensitive device, an accelerometer, and/or otherinput device is used to input motions for authentication.

Rather than relying on the keyboard for input, which can be sensed viakeyloggers, remote electro magnetic pulse (EMP) detectors, etc, otherinput mechanisms and devices are used to collect authenticationinformation. These devices include touch screens, motion sensors,standard and infrared cameras, and pressure sensitive devices which areused to determine where, and how frequently one performs a certainmotion or touch in order to provide a password.

In an embodiment, by encoding regions of the screen using, for example,quadrants, values are assigned to the regions, and are used to collectpatterns for authentication. Subsequently, a sequence of touches inthose quadrants that matches the original input would unlock the device.In an additional embodiment, every other input is ignored and thepassword is padded with irrelevant data (such as AABBCCDD, AABACADBwhich both unlock a computer whose secret code is A_B_C_D).

Additional embodiments include detecting 1 to n, simultaneous touches ton distinct positions on the screen. This value is encoded into a singlevalue such that a user must touch multiple positions on the screen“simultaneously” or nearly simultaneously. Nearly simultaneously isdefined herein to mean multiple locations registered concurrently withinsome small threshold of time.

In further embodiments, gestures are also incorporated creating moresophisticated systems, such as swiping a finger or multiple fingers in asingle direction or an arc, or drawing some other continuous linesegment with varying direction.

Any of the above embodiments may be used alone or together. In addition,values of the spacing of intervals between inputs may be incorporatedsuch that an identical value input registered in a different timesignature than the recorded or key value would cause the input to fail.

Turning now to FIG. 1, a system 100 for implementing advancedauthentication technology of computing devices will now be described. Inan embodiment, the system 100 includes a computing device 102 executingcomputer instructions for advanced authentication. Computing device 102may operate in any type of environment that is capable of executing asoftware application. Computing device 102 may comprise a high-speedcomputer processing device, such as a mainframe computer, to manage thevolume of operations governed by an entity for which the advancedauthentication instructions are executing. In additional embodiments,the computing device 102 may be a personal computer (e.g., a lap top, apersonal digital assistant, a mobile device, a mobile telephone, anetwork device, a hardware appliance, a physical security mechanism, ora consumer electronic device) or host attached terminals. In anembodiment, the computing device 102 is part of an enterprise (e.g., acommercial business) that implements the advanced authentication.

In an embodiment, the system 100 depicted in FIG. 1 includes one or moreclient systems 104 through which users at one or more geographiclocations may contact the computing device 102. The client systems 104are coupled to the computing device 102 via one or more networks 106.Each client system 104 may be implemented using a general-purposecomputer executing a computer program for carrying out the processesdescribed herein. The client systems 104 may be personal computers(e.g., a lap top, a personal digital assistant, a mobile device) or hostattached terminals. If the client systems 104 are personal computers,the processing described herein may be shared by a client system 104 andthe computing device 102 (e.g., by providing an applet to the clientsystem 104). Client systems 104 may be operated by authorized users(e.g., programmers) of the advanced authentication described herein.

The networks 106 may be any type of known network including, but notlimited to, a wide area network (WAN), a local area network (LAN), aglobal network (e.g., Internet), a virtual private network (VPN), and anintranet. The networks 106 may be implemented using a wireless networkor any kind of physical network implementation known in the art. Aclient system 104 may be coupled to the computing device 102 throughmultiple networks (e.g., intranet and Internet) so that not all clientsystems 104 are coupled to the computing device 102 through the samenetwork. One or more of the client systems 104 and the computing device102 may be connected to the networks 106 in a wireless fashion. In oneembodiment, the networks 106 include an intranet and one or more clientsystems 104 executing a user interface application (e.g., a web browser)to contact the computing device 102 through the networks 106. In anotherembodiment, the client system 104 is connected directly (i.e., notthrough the networks 106) to the computing device 102 and the computingdevice 102 contains memory for storing data in support of advancedauthentication. Alternatively, a separate storage device (e.g., storagedevice 112) may be implemented for this purpose.

In an embodiment, the storage device 112 includes a data repository withdata relating to advanced authentication by the system 100, as well asother data/information desired by the entity representing the computingdevice 102 of FIG. 1. The storage device 112 is logically addressable asa consolidated data source across a distributed environment thatincludes networks 106. Information stored in the storage device 112 maybe retrieved and manipulated via the computing device 102 and/or theclient systems 104. In an embodiment, the storage device 112 includesone or more databases containing, e.g., authentication data andcorresponding configuration parameters, values, methods, and properties,as well as other related information as will be discussed more fullybelow. It will be understood by those of ordinary skill in the art thatthe storage device 112 may also comprise other structures, such as anXML file on the file system or distributed over a network (e.g., one ofnetworks 106), or from a data stream from another server located on anetwork 106. In addition, all or a portion of the storage device 112 mayalternatively be located on a client system 104.

The computing device 102 depicted in the system of FIG. 1 may beimplemented using one or more servers operating in response to acomputer program stored in a storage medium accessible by the server.The computing device 102 may operate as a network server (e.g., a webserver) to communicate with the client systems 104. The computing device102 handles sending and receiving information to and from the clientsystems 104 and can perform associated tasks. The computing device 102may also include a firewall to prevent unauthorized access to thecomputing device 102 and enforce any limitations on authorized access.For instance, an administrator may have access to the entire system andhave authority to modify portions of the system. A firewall may beimplemented using conventional hardware and/or software as is known inthe art.

The computing device 102 may also operate as an application server. Thecomputing device 102 executes one or more computer programs to providethe advanced authentication. Computing device 102 includes an advancedauthentication module 108. As indicated above, processing may be sharedby the client systems 104 and the computing device 102 by providing anapplication (e.g., java applet) to the client systems 104.Alternatively, the client system 104 can include a stand-alone softwareapplication for performing a portion or all of the processing describedherein. As previously described, it is understood that separate serversmay be utilized to implement the network server functions and theapplication server functions. Alternatively, the network server, thefirewall, and the application server may be implemented by a singleserver executing computer programs to perform the requisite functions.

It will be understood that the advanced authentication system describedin FIG. 1 may be implemented in hardware, software executing on ageneral purpose computer, or a combination thereof.

FIG. 2 is a schematic diagram of an input mechanism in an embodiment. Inan embodiment, the input mechanism 200 of FIG. 2 is provided by anadvanced authentication module, such as the advanced authenticationmodule 108 of FIG. 1. The input mechanism 200 is divided into sections:section A 202, section B 204, section C 206, and section D 208. Each ofthe sections is used to input pattern elements to a device. Acombination of one or more pattern elements is used to create anauthentication pattern. Once an authentication pattern is established,entering the same authentication pattern serves to authenticate a user,thereby allowing the user to access the device, and/or an applicationexecuting on the device.

In an embodiment, the pattern is entered by touching the section on atouch sensitive input device (i.e. a touch screen display, a trackpad, apen tablet, etc.). For example, to enter a pattern AABD, a user touchessection A 202, then touches section A 202 again, then touches section B204, and finally touches section D 208. In an embodiment, security isenhanced by adding extra pattern elements that are ignored (i.e.inactive pattern elements). For instance, the advanced authenticationmodule 108 may be configured to ignore every other pattern element.Therefore, a pattern of AABD would be valid for entries such as AABABBCDor BACADBDD. In an additional embodiment, security is enhanced byincluding the tempo of entry of the pattern elements as part of theauthentication pattern. Using tempo would require not only the correctsequence of pattern elements in the authentication pattern, but also thecorrect spacing of time between each of the entries.

It will be understood that any combinations of the above referencedentry and authentication mechanisms may be used together. It willfurther be understood that although FIG. 2 illustrates only 4 segments,the entry point can be configured to into a grid of two or moredivisions. In addition, the divisions may be displayed on screen duringentry, or hidden from view. In an embodiment, the divisions areconfigured into varying shapes and sizes and distributed over the screento further obfuscate entry of the pattern.

In addition, although the grid has been describe with reference to ascreen or device, it will be understood that patterns may be enteredusing gestures in front of a motion capture device such as an infraredor standard camera as will be described in more detail below.

FIG. 3 depicts a schematic diagram of a multi entry input mechanism inan embodiment. In an embodiment, the input mechanism 300 of FIG. 3 isprovided by an advanced authentication module, such as the advancedauthentication module 108 of FIG. 1. In an embodiment, the inputmechanism 300 is divided into multiple parts with each of the partscomprising a different style of input. In an embodiment, a lower section304 is used to input piano key strokes, while an upper section 302 isused to input a motion based pattern. An authentication pattern is thecombination of a pattern, such as a circle, being swiped on the uppersection 302, while a user inputs a series of taps, such as a pianochord, on the lower section 304. The authentication pattern is stored asa combination of the two simultaneous patterns, and an authenticationwould depend on the entry of the two same patterns simultaneously ornearly simultaneously.

FIG. 4 depicts a schematic diagram of a video based input system in anembodiment. In an embodiment, the input mechanism 400 of FIG. 4 isprovided by an advanced authentication module such, as the advancedauthentication module 108 of FIG. 1. In an embodiment, a room 402includes a motion input device 404. The motion input device 404 may be astandard video camera, an infrared camera, or a combination of the two.In additional embodiments, the motion input device 404 may be any typeof motion capture device as is known in the art. The motion input device404 captures motion within a motion range 406. Motion is captured whenan individual 408 performs a motion within the motion range 406.Patterns are input by the individual 408 using any type of motion,either using their fingers, their hands, or their entire body. In anembodiment, the individual 408 receives feedback from a monitor 410. Themonitor 410 may be any device capable of video playback. The monitor 410is in communication with the advanced authentication module 108 of FIG.1 and receives a video feed from the motion input device 404. In anembodiment, a grid, such as the grids of FIGS. 2 and 3 may be overlaidon the video playing on the monitor 410 to assist the individual 408 inentering the authentication pattern. The monitor 410 may be directlyconnected the advanced authentication module 108, or connected over anetwork.

In an embodiment, the motion of the individuals is stored as any of theauthentication patterns discussed above. In addition, any combination ofmotions or gestures may be used as an authentication pattern.

FIG. 5 depicts a process flow for setting an authentication pattern thatmay be implemented in an embodiment. In an embodiment, the process flowof FIG. 5 is executed on the advanced authentication module 108 ofFIG. 1. At block 502, the input method for receiving an authenticationpattern is configured. The input configuration is selected from thevarious methods disclosed above, and is dependent on the availablehardware. For example, touch gestures are only available for devicesequipped with a mechanism for capturing the touch gestures. Once theinput method is configured, at block 504 the first entry in the patternis received. At block 506, it is determined if the pattern is configuredto use a temporal pattern. If the pattern is not temporal, then at block508 the remainder of the authentication pattern is received. At block510, the authentication pattern is stored.

Returning to block 506, if the pattern is temporal, then at block 512,the time between entries is recorded and processing continues at block508.

FIG. 6 depicts a process flow for receiving an authentication patternthat may be implemented in an embodiment. In an embodiment, the processflow of FIG. 6 is executed on the advanced authentication module 108 ofFIG. 1. At block 602, an authentication process is initiated. In anembodiment, the authentication process is initiated by selecting anoption on the computing device. In an additional embodiment, turning on,or activating the computing device initiates the authentication process.In a further embodiment, the authentication process is initiating byinputting the authentication pattern. At block 604, the authenticationpattern is received. At block 606, it is determined if theauthentication pattern is configured to support obfuscation. Ifobfuscation is not supported, then at block 608 it is determined if thereceived authentication pattern matches a previously stored pattern. Ifit is determined that the received authentication pattern matches thepreviously stored authentication pattern, then at block 610 it isdetermined if the authentication pattern is configured to support atemporal authentication pattern. If the authentication pattern is notconfigured to support the temporal authentication pattern, then at block612, authentication is successful, and access to the computing resource(i.e. a computing device, software application, etc.) is allowed.

Returning to block 606, if the authentication pattern is configured tosupport obfuscation, then at block 614, the inactive part of the pattern(i.e. the parts determined to be non-pattern data) are stripped from orthe received authentication pattern, and the stripped part of theauthentication pattern is processed from block 608. In an embodiment,the inactive part of the pattern is ignored. Returning to block 608, ifthe received authentication pattern, or the stripped authenticationpattern does not match the previously stored authentication pattern,then at block 616 authentication fails, and access to the computingdevice, or software application is denied.

Returning to block 610, if it is determined that the authenticationpattern is configured to support a temporal pattern, then at block 618,it is determined if the input tempo of the received authenticationpattern matches the tempo of the previously stored authenticationpattern. If the tempo does not match, then authentication fails at block616. If the temp matches, then authentication is successful at block612.

Technical effects and benefits include a secure method of authenticationwithout requiring an alphanumeric password. An additional benefitincludes the ability to input an authentication pattern in the presenceof others without revealing the authentication pattern based on atemporal pattern, and/or obfuscation of the authentication pattern. Afurther benefit is the ability to input authentication patterns usingvarious methods and input devices.

The terminology used herein is for the purpose of describing particularembodiments only and is not intended to be limiting of the invention. Asused herein, the singular forms “a”, “an” and “the” are intended toinclude the plural forms as well, unless the context clearly indicatesotherwise. It will be further understood that the terms “comprises”and/or “comprising,” when used in this specification, specify thepresence of stated features, integers, steps, operations, elements,and/or components, but do not preclude the presence or addition of oneor more other features, integers, steps, operations, elements,components, and/or groups thereof.

The corresponding structures, materials, acts, and equivalents of allmeans or step plus function elements in the claims below are intended toinclude any structure, material, or act for performing the function incombination with other claimed elements as specifically claimed. Thedescription of the present invention has been presented for purposes ofillustration and description, but is not intended to be exhaustive orlimited to the invention in the form disclosed. Many modifications andvariations will be apparent to those of ordinary skill in the artwithout departing from the scope and spirit of the invention. Theembodiment was chosen and described in order to best explain theprinciples of the invention and the practical application, and to enableothers of ordinary skill in the art to understand the invention forvarious embodiments with various modifications as are suited to theparticular use contemplated.

As will be appreciated by one skilled in the art, aspects of the presentinvention may be embodied as a system, method or computer programproduct. Accordingly, aspects of the present invention may take the formof an entirely hardware embodiment, an entirely software embodiment(including firmware, resident software, micro-code, etc.) or anembodiment combining software and hardware aspects that may allgenerally be referred to herein as a “circuit,” “module” or “system.”Furthermore, aspects of the present invention may take the form of acomputer program product embodied in one or more computer readablemedium(s) having computer readable program code embodied thereon.

Any combination of one or more computer readable medium(s) may beutilized. The computer readable medium may be a computer readable signalmedium or a computer readable storage medium. A computer readablestorage medium may be, for example, but not limited to, an electronic,magnetic, optical, electromagnetic, infrared, or semiconductor system,apparatus, or device, or any suitable combination of the foregoing. Morespecific examples (a non-exhaustive list) of the computer readablestorage medium would include the following: an electrical connectionhaving one or more wires, a portable computer diskette, a hard disk, arandom access memory (RAM), a read-only memory (ROM), an erasableprogrammable read-only memory (EPROM or Flash memory), an optical fiber,a portable compact disc read-only memory (CD-ROM), an optical storagedevice, a magnetic storage device, or any suitable combination of theforegoing. In the context of this document, a computer readable storagemedium may be any tangible medium that can contain, or store a programfor use by or in connection with an instruction execution system,apparatus, or device.

A computer readable signal medium may include a propagated data signalwith computer readable program code embodied therein, for example, inbaseband or as part of a carrier wave. Such a propagated signal may takeany of a variety of forms, including, but not limited to,electro-magnetic, optical, or any suitable combination thereof. Acomputer readable signal medium may be any computer readable medium thatis not a computer readable storage medium and that can communicate,propagate, or transport a program for use by or in connection with aninstruction execution system, apparatus, or device.

Program code embodied on a computer readable medium may be transmittedusing any appropriate medium, including but not limited to wireless,wireline, optical fiber cable, RF, etc., or any suitable combination ofthe foregoing.

Computer program code for carrying out operations for aspects of thepresent invention may be written in any combination of one or moreprogramming languages, including an object oriented programming languagesuch as Java, Smalltalk, C++ or the like and conventional proceduralprogramming languages, such as the “C” programming language or similarprogramming languages. The program code may execute entirely on theuser's computer, partly on the user's computer, as a stand-alonesoftware package, partly on the user's computer and partly on a remotecomputer or entirely on the remote computer or server. In the latterscenario, the remote computer may be connected to the user's computerthrough any type of network, including a local area network (LAN) or awide area network (WAN), or the connection may be made to an externalcomputer (for example, through the Internet using an Internet ServiceProvider).

Aspects of the present invention are described above with reference toflowchart illustrations and/or schematic diagrams of methods, apparatus(systems) and computer program products according to embodiments of theinvention. It will be understood that each block of the flowchartillustrations and/or block diagrams, and combinations of blocks in theflowchart illustrations and/or block diagrams, can be implemented bycomputer program instructions. These computer program instructions maybe provided to a processor of a general purpose computer, specialpurpose computer, or other programmable data processing apparatus toproduce a machine, such that the instructions, which execute via theprocessor of the computer or other programmable data processingapparatus, create means for implementing the functions/acts specified inthe flowchart and/or block diagram block or blocks.

These computer program instructions may also be stored in a computerreadable medium that can direct a computer, other programmable dataprocessing apparatus, or other devices to function in a particularmanner, such that the instructions stored in the computer readablemedium produce an article of manufacture including instructions whichimplement the function/act specified in the flowchart and/or blockdiagram block or blocks.

The computer program instructions may also be loaded onto a computer,other programmable data processing apparatus, or other devices to causea series of operational steps to be performed on the computer, otherprogrammable apparatus or other devices to produce a computerimplemented process such that the instructions which execute on thecomputer or other programmable apparatus provide processes forimplementing the functions/acts specified in the flowchart and/or blockdiagram block or blocks.

As described above, embodiments can be embodied in the form ofcomputer-implemented processes and apparatuses for practicing thoseprocesses. In embodiments, the invention is embodied in computer programcode executed by one or more network elements. Embodiments include acomputer program product on a computer usable medium with computerprogram code logic containing instructions embodied in tangible media asan article of manufacture. Exemplary articles of manufacture forcomputer usable medium may include floppy diskettes, CD-ROMs, harddrives, universal serial bus (USB) flash drives, or any othercomputer-readable storage medium, wherein, when the computer programcode logic is loaded into and executed by a computer, the computerbecomes an apparatus for practicing the invention. Embodiments includecomputer program code logic, for example, whether stored in a storagemedium, loaded into and/or executed by a computer, or transmitted oversome transmission medium, such as over electrical wiring or cabling,through fiber optics, or via electromagnetic radiation, wherein, whenthe computer program code logic is loaded into and executed by acomputer, the computer becomes an apparatus for practicing theinvention. When implemented on a general-purpose microprocessor, thecomputer program code logic segments configure the microprocessor tocreate specific logic circuits.

The flowchart and block diagrams in the Figures illustrate thearchitecture, functionality, and operation of possible implementationsof systems, methods, and computer program products according to variousembodiments of the present invention. In this regard, each block in theflowchart or block diagrams may represent a module, segment, or portionof code, which comprises one or more executable instructions forimplementing the specified logical function(s). It should also be notedthat, in some alternative implementations, the functions noted in theblock may occur out of the order noted in the figures. For example, twoblocks shown in succession may, in fact, be executed substantiallyconcurrently, or the blocks may sometimes be executed in the reverseorder, depending upon the functionality involved. It will also be notedthat each block of the block diagrams and/or flowchart illustration, andcombinations of blocks in the block diagrams and/or flowchartillustration, can be implemented by special purpose hardware-basedsystems that perform the specified functions or acts, or combinations ofspecial purpose hardware and computer instructions.

What is claimed is:
 1. A method comprising: receiving a firstnon-alphanumeric input authentication pattern at a first sectioncomprising a first spatial region of a plurality of spatial regions of asingle touch screen of a computer, the touch screen being divided intothe plurality of spatial regions, wherein each of the plurality ofspatial regions does not overlap any of the remaining spatial regions ofthe touch screen, the first section being associated with a first inputstyle, wherein the first spatial region is located in a top portion ofthe single touch screen, and wherein the first input style comprises aswipe of a motion-based pattern; receiving a second non-alphanumericinput authentication pattern at a second section of the touch sensitiveinput device, the second section comprising a second spatial region ofthe plurality of spatial regions of the touch screen that is distinctfrom the first spatial region and being associated with a second inputstyle that is different than the first input style, wherein the secondspatial region is located in a bottom portion of the single touchscreen, such that the entirety of the second spatial region is locatedunderneath the entirety of the first spatial region, and wherein thesecond input style comprises a series of taps received by the secondportion of the touch screen, such that the series of taps are receivednearly simultaneously with the swipe of the motion based pattern;determining, on the computer, that the first non-alphanumeric inputauthentication pattern and the second non-alphanumeric inputauthentication pattern match a previously stored authentication pattern;and providing access to a computing resource responsive to determiningthat the first non-alphanumeric input authentication pattern and thesecond non-alphanumeric input authentication pattern match thepreviously stored authentication pattern.
 2. The method of claim 1,wherein the previously stored authentication pattern includes a temporalpattern, and the determining includes comparing the temporal pattern ofthe previously stored authentication pattern and time between the firstnon-alphanumeric input authentication pattern and the secondnon-alphanumeric input authentication pattern.
 3. A computer systemcomprising: a computer processor; an input mechanism comprising a singletouch screen divided into a plurality of spatial regions, wherein eachof the plurality of spatial regions does not overlap any of theremaining spatial regions of the touch screen; the computer systemconfigured to: receive a first non-alphanumeric input authenticationpattern at a first section of the touch screen, the first sectioncomprising a first spatial region of the plurality of spatial regions,the first section being associated with a first input style, wherein thefirst spatial region is located in a top portion of the single touchscreen, and wherein the first input style comprises a swipe of amotion-based pattern; receive a second non-alphanumeric inputauthentication pattern at a second section of the touch screen, thesecond section comprising a second spatial region of the plurality ofspatial regions of the touch screen that is distinct from the firstspatial region and being associated with a second input style that isdifferent than the first input style, wherein the second spatial regionis located in a bottom portion of the single touch screen, such that theentirety of the second spatial region is located underneath the entiretyof the first spatial region, and wherein the second input stylecomprises a series of taps received by the second portion of the touchscreen, such that the series of taps are received nearly simultaneouslywith the swipe of the motion based pattern; determine that the firstnon-alphanumeric input authentication pattern and the secondnon-alphanumeric input authentication pattern match a previously storedauthentication pattern; and provide access to a computing resourceresponsive to determining that the first non-alphanumeric inputauthentication pattern and the second non-alphanumeric inputauthentication pattern match the previously stored authenticationpattern.
 4. The system of claim 3, wherein the previously storedauthentication pattern includes a temporal pattern, and the determiningincludes comparing the temporal pattern of the previously storedauthentication pattern and time between the first non-alphanumeric inputauthentication pattern and the second non-alphanumeric inputauthentication pattern.
 5. A computer program product comprising: atangible non-transitory storage medium readable by a processing circuitand storing instructions for execution by the processing circuit forperforming a method comprising: receiving a first non-alphanumeric inputauthentication pattern at a first section comprising a first spatialregion of a plurality of spatial regions of a single touch screen of acomputer, the touch screen being divided into the plurality of spatialregions, wherein each of the plurality of spatial regions does notoverlap any of the remaining spatial regions of the touch screen, thefirst section being associated with a first input style, wherein thefirst spatial region is located in a top portion of the single touchscreen, and wherein the first input style comprises a swipe of amotion-based pattern; receiving a second non-alphanumeric inputauthentication pattern at a second section of the touch sensitive inputdevice, the second section comprising a second spatial region of theplurality of spatial regions of the touch screen that is distinct fromthe first spatial region and being associated with a second input stylethat is different than the first input style, wherein the second spatialregion is located in a bottom portion of the single touch screen, suchthat the entirety of the second spatial region is located underneath theentirety of the first spatial region, and wherein the second input stylecomprises a series of taps received by the second portion of the touchscreen, such that the series of taps are received nearly simultaneouslywith the swipe of the motion based pattern; determining, on thecomputer, that the first non-alphanumeric input authentication patternand the second non-alphanumeric input authentication pattern match apreviously stored authentication pattern; and providing access to acomputing resource responsive to determining that the firstnon-alphanumeric input authentication pattern and the secondnon-alphanumeric input authentication pattern match the previouslystored authentication pattern.
 6. The computer program product of claim5, wherein the previously stored authentication pattern includes atemporal pattern, and the determining includes comparing the temporalpattern of the previously stored authentication pattern and time betweenthe first non-alphanumeric input authentication pattern and the secondnon-alphanumeric input authentication pattern.